urlscan.io logo urlscan.io
SecurityTrails logo

sweepwidget.com Open in urlscan Pro
2606:4700:10::ac43:2a2d  Public Scan

Go To Rescan Add Verdict Report
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Submission: On May 28 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 39 HTTP transactions. The main IP is 2606:4700:10::ac43:2a2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is sweepwidget.com. The Cisco Umbrella rank of the primary domain is 439631.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 25th 2021. Valid for: a year.
This is the only time sweepwidget.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:67c:4e8:... 62041 (TELEGRAM)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
3 5.101.109.44 14061 (DIGITALOC...)
1 192.158.224.59 397423 (TIER-NET)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2605:6c80:1:c... 397373 (H4Y-TECHN...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 193.108.153.28 34164 (AKAMAI-LON)
3 2.16.186.40 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
39 15
7    2606:4700:10::ac43:2a2d (United States)

ASN13335 (CLOUDFLARENET, US)
sweepwidget.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:67c:4e8:1033:2:100:0:a (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)
telegram.org
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    5.101.109.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: fra1.digitaloceanspaces.com
sweepwidget.fra1.digitaloceanspaces.com
1    192.158.224.59 (Charlotte, United States)

ASN397423 (TIER-NET, US)
PTR: intimeclick.com
user.sweepwidget.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2605:6c80:1:c::8969:8cfd (Charlotte, United States)

ASN397373 (H4Y-TECHNOLOGIES, US)
fn.us.user.sweepwidget.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    193.108.153.28 (Frankfurt am Main, Germany)

ASN34164 (AKAMAI-LON, NL)
PTR: a193-108-153-28.deploy.static.akamaitechnologies.com
www.tiktok.com
3    2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com
lf16-tiktok-web.ttwstatic.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
10 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1549
ka-p.fontawesome.com — Cisco Umbrella Rank: 3844
263 KB
10 sweepwidget.com
sweepwidget.com — Cisco Umbrella Rank: 439631
user.sweepwidget.com — Cisco Umbrella Rank: 510821
fn.us.user.sweepwidget.com — Cisco Umbrella Rank: 555358
234 KB
3 ttwstatic.com
lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 7340
23 KB
3 digitaloceanspaces.com
sweepwidget.fra1.digitaloceanspaces.com — Cisco Umbrella Rank: 579971
278 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
72 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
86 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
36 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
3 KB
1 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 2324
688 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
439 B
1 telegram.org
telegram.org — Cisco Umbrella Rank: 10487
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
39 14
Domain Requested by
9 ka-p.fontawesome.com kit.fontawesome.com
sweepwidget.com
7 sweepwidget.com sweepwidget.com
cdnjs.cloudflare.com
3 lf16-tiktok-web.ttwstatic.com www.tiktok.com
3 sweepwidget.fra1.digitaloceanspaces.com sweepwidget.com
2 fn.us.user.sweepwidget.com sweepwidget.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com sweepwidget.com
www.googletagmanager.com
2 connect.facebook.net sweepwidget.com
connect.facebook.net
2 cdnjs.cloudflare.com sweepwidget.com
1 cdn.jsdelivr.net sweepwidget.com
1 www.tiktok.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 user.sweepwidget.com sweepwidget.com
1 telegram.org sweepwidget.com
1 fonts.googleapis.com sweepwidget.com
1 kit.fontawesome.com sweepwidget.com
39 17

This site contains links to these domains. Also see Links.

Domain
www.apple.com
Subject Issuer Validity Valid
sweepwidget.com
Cloudflare Inc ECC CA-3		 2021-07-25 -
2022-07-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2021-09-10 -
2022-10-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-06 -
2022-06-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.fra1.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-04 -
2023-04-20		 a year crt.sh
user.sweepwidget.com
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
fn.us.user.sweepwidget.com
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.ttwstatic.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-08 -
2022-12-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Frame ID: BEDACE4E1968BC7BCB178DD832D5FBA0
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Macbook Pro 14 Sweepstake | American Truth Project

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

97 %
HTTPS

75 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

1037 kB
Transfer

2554 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.tiktok.com/embed.js HTTP 302
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.0.js

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 42012-jn81vbmp
sweepwidget.com/view/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc60665bda45d6b16ee0497f57e1bb22fd7d84e2a8208572675ab83824dc368

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7123c0fd7b789972-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 28 May 2022 03:02:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
preview.css
sweepwidget.com/css/ 		72 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/css/preview.css?v=621396805201
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bedd6d3a9d00ce9c8cdaa23d9fa6b6d50327a3c32526dda0388af45dcf5aa5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 03 May 2022 08:02:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7123c10138589972-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
288370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAwu1oWC05PvDniOX6%2Fm8577hKm9Nw4HCdhK3kPJB6ptk6YExS73FY9kZdXWLyaJ3GmQfHLvjNNGwagtMjAM3VYlxEBRHLsSfqJJQPkBO7yDwyPclyr1x3pGt%2BgfOn8124bbXRYRnvSGqjhqTzRC%2BBEm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7123c1015e7f913c-FRA
expires
Thu, 18 May 2023 03:02:52 GMT
build_edit_widget_functions.js
sweepwidget.com/js/ 		158 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/js/build_edit_widget_functions.js?v=621396805201
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca501998ad1429ffc8499730c97257dd03c9bfd28e023e1f8972ca1255ab5d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 26 May 2022 01:02:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7123c101385a9972-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
decab28076.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/decab28076.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38a5e927e151b3264f7482ad1882b5a55322d28e224b115318276cfd5819419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
HIT
age
44
strict-transport-security
max-age=31536000; preload
x-request-id
Ft7L4qU__o-uEFUAS61B
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
7123c1016c996946-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 28 May 2022 02:17:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 28 May 2022 03:02:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 May 2022 03:02:52 GMT
iframeResizer.contentWindow.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/iframeResizer.contentWindow.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eaa80aa6e63f6fb38ba409fcd7b536195da87816a7b84e32302a892b618bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6843687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7519
timing-allow-origin
*
last-modified
Fri, 11 Jun 2021 08:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60c3228f-1d5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmBzp%2Bp2jt1HG2DJvjKid9lx4o8WLLFHlFuaWVn0nyIOAHmGmjwmIhKGHjEOL2ByUscqGRApHoYbjeZJBmmoi4W%2BzU%2BF%2FYv8xjKBSRCvYO8SvkCVRW7SCq4mMsH3gj5eQCf50quddbRMq4U%2FZLMZR1up"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7123c1015e80913c-FRA
expires
Thu, 18 May 2023 03:02:52 GMT
w_widget_functions.js
sweepwidget.com/w/j/ 		101 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/w/j/w_widget_functions.js?v=621396805201
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d057371aaeef0639cc7efd1111bd04562c4d026c8fcc9c426dd678d393142fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 15:49:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7123c101385b9972-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
telegram-widget.js
telegram.org/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/telegram-widget.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:1033:2:100:0:a , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
60c62e0e44a2b4a1116d28f8a69f20c108cc84b5c173060d134a6ec083e12240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
last-modified
Thu, 14 Apr 2022 10:47:14 GMT
server
nginx/1.18.0
etag
W/"6257fbb2-4a0b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Wed, 01 Jun 2022 03:02:52 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed8d13bd96178ed28ac52237bfa406922a238d1c5069d450c80992306b9fca89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vJWZQF2FrvurXwiqdavUJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
xSp3HYlMtPbD67ylwp5WJNqYvXUxyQiJ35K+Ubh4d7qny0eDDNL7FtL4NYyIw6ve+pGVygUzaIpDO3Aqw0+shQ==
x-fb-trip-id
686109401
x-fb-content-md5
55ab03f339f83905de94d640350b6e0c
x-frame-options
DENY
date
Sat, 28 May 2022 03:02:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e34cae95cbcc6555a6399ad4da275be9"
timing-allow-origin
*
expires
Sat, 28 May 2022 03:19:39 GMT
js
www.googletagmanager.com/gtag/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99415b685db1d26ce594232ca7ee232955ef160a4a9b93ac22ba301b96fe4caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33389
x-xss-protection
0
expires
Sat, 28 May 2022 03:02:52 GMT
sweepwidget_logo_dark7.png
sweepwidget.fra1.digitaloceanspaces.com/images/root/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sweepwidget.fra1.digitaloceanspaces.com/images/root/sweepwidget_logo_dark7.png
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
fra1.digitaloceanspaces.com
Software
/
Resource Hash
772507aa1335e8548c4e64ca18f8fa21e91d3c9770e26169dc7c5cdade7ca862
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
last-modified
Sat, 18 Dec 2021 03:52:26 GMT
x-amz-request-id
tx00000000000007909d9ff-00629190dc-475c7122-fra1b
etag
"320e9dd4ffa1163368402bfbf1d63574"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/png
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
32025
learn.js
user.sweepwidget.com/api/sweepwidget.com/k5DFGo3jjZwQe6uYVAjsTSlyCI2UsNDWICPhJm4FZheRyn3R4qc3y3nqfustbOC5JXMjwCctm62cwf8jREFcA7igzImAoOXrLceTEe6g8SP8Sj04lMU2Q43e5AzgJMq1m9gpll300RLTP1rWWuW2V8P9t3iS... 		132 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user.sweepwidget.com/api/sweepwidget.com/k5DFGo3jjZwQe6uYVAjsTSlyCI2UsNDWICPhJm4FZheRyn3R4qc3y3nqfustbOC5JXMjwCctm62cwf8jREFcA7igzImAoOXrLceTEe6g8SP8Sj04lMU2Q43e5AzgJMq1m9gpll300RLTP1rWWuW2V8P9t3iSKITo9d0sIiJYJiEYiG0Qy2Ua4y3JNhF04afXBLE9ptvKZsmx644SXupN0Kt3AceGFtODSw1mbkblBeOMDIOBWLYuQHuNuzDe6b56/learn.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US),
Reverse DNS
intimeclick.com
Software
nginx /
Resource Hash
8625c7422ba4ee21c7ef4cd43747fb00e7b35ee7d586fce55d656ddea3b4ff2c

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 28 May 2022 03:02:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://sweepwidget.com
Cache-Control
max-age=86400
Connection
close
X-Robots-Tag
noindex
Expires
Sat, 28 May 2022 23:02:52 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.1.1/css/ 		678 KB
111 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/css/pro.min.css?token=decab28076
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/decab28076.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
233892c1230257a59c75c85e3757af3ad91c610379ce6c8d878198cb158a9f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:20:26 GMT
server
cloudflare
age
5729590
etag
W/"752775d5a17cf798f74b31d806a23513"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7123c103aef96946-FRA
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.1.1/css/ 		25 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/css/pro-v4-shims.min.css?token=decab28076
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/decab28076.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a4d1f3bbcfa4e08869f5312bacc46e3df02f5bc1ea5a4835ce10c9fb1c25e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
age
1670419
etag
"6239e939-1070"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7123c103aef76946-FRA
content-length
4208
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.1.1/css/ 		65 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/css/pro-v5-font-face.min.css?token=decab28076
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/decab28076.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041ac3fde06808cfaae62c19c87dd0df3497cfa51d33e41dce44432fa4102af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
age
5729585
etag
W/"31d66995ef1dda9b0ba5a569fa1e877e"
x-cache-status
MISS
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7123c103aef86946-FRA
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.1.1/css/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/css/pro-v4-font-face.min.css?token=decab28076
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/decab28076.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83f3e7c2acee6c1be9609cbb7d0dc70c9bf539f2653399547de62208bb559ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
age
5729590
etag
W/"560c901288f1535ffd7f4f9c8e0c0b5f"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7123c103aef66946-FRA
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bf9a64293e676cbaae2daf143ac180a1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94ebf24e6b2b935e0885ad3454b4d85f1a460b96f38adbac75943008d94da563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OQpt18O/C1qPZJ0lcWlclA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85708
x-fb-rlafr
0
x-fb-debug
M7WdqXBc+JbrOElOu6cLMdbGFl4CuJlPxs7uBAVvHOn4b0mpXhDQ6CA04LDILD7Dlb0ff5VUb412U2DOyrmXjw==
x-fb-content-md5
4b09c21d0808800d3604a5b8126ec2f1
x-frame-options
DENY
date
Sat, 28 May 2022 03:02:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fb8406e2ce0f9ef70aad6ee1366ae0ee"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 28 May 2023 01:29:10 GMT
js
www.googletagmanager.com/gtag/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-84658411-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a68afdafc8d95b8649cf67813761ecc34ed33f0be583da38a8171a6ac0913185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39641
x-xss-protection
0
expires
Sat, 28 May 2022 03:02:52 GMT
pro-fa-solid-900-c69c5d.woff2
ka-p.fontawesome.com/releases/v6.1.1/webfonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-c69c5d.woff2
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0b2fc97874efa0e86d54dd6d4591edcb3f4772891aae657eebba23ba1c8715

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:52 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:29:03 GMT
server
cloudflare
age
5729571
etag
"dad5f8c44f900ecd4319ac4bf84bd1a8"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7123c1046fc66946-FRA
content-length
20556
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84658411-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2624
date
Sat, 28 May 2022 02:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 28 May 2022 04:19:08 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1760184635&t=pageview&_s=1&dl=https%3A%2F%2Fsweepwidget.com%2Fview%2F42012-jn81vbmp%3Futm_source%3DATP&ul=en-us&de=UTF-8&dt=Macbook%20Pro%2014%20Sweepstake%20%7C%20American%20Truth%20Project&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=451349945&gjid=834449287&cid=1386020359.1653706973&tid=UA-84658411-1&_gid=610366938.1653706973&_r=1&gtm=2ou5p1&z=1264150806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sweepwidget.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 May 2022 03:02:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sweepwidget.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84658411-1&cid=1386020359.1653706973&jid=451349945&gjid=834449287&_gid=610366938.1653706973&_u=YEBAAUAAAAAAAC~&z=1377664242
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sweepwidget.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 28 May 2022 03:02:53 GMT
content-type
text/plain
access-control-allow-origin
https://sweepwidget.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_widget_4.js
sweepwidget.com/w/j/ 		93 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/w/j/w_widget_4.js?v=621396805201
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b248334a273a5eb89d626293a7f392f12730e7ed98f68cc5bb8d1e08e3e51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:53 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 07 May 2022 16:15:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7123c1086df59040-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
udid.json
fn.us.user.sweepwidget.com/udid/ 		20 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fn.us.user.sweepwidget.com/udid/udid.json
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2605:6c80:1:c::8969:8cfd Charlotte, United States, ASN397373 (H4Y-TECHNOLOGIES, US),
Reverse DNS
Software
/
Resource Hash
4fdb97da7ef29c59ad54088225a7f2b1c3d964000e12dc9980664aaad528cc3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 28 May 2022 03:02:53 GMT
Last-Modified
Fri, 27 May 2022 23:02:53 GMT
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
close
Content-Length
20
Expires
Sat, 27 May 2023 23:02:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 19:07:55 GMT
x-content-type-options
nosniff
age
374098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 19:07:55 GMT
c.php
sweepwidget.com/w/a/ 		32 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/w/a/c.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa77daaf9368ebfbbe3528b5f96ce732aaa05f28d2c886977cea559f71b64617

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 28 May 2022 03:02:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://sweepwidget.com
access-control-allow-credentials
true
cf-ray
7123c10c4a379040-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fetch
fn.us.user.sweepwidget.com/api/sweepwidget.com/k5DFGo3jjZwQe6uYVAjsTSlyCI2UsNDWICPhJm4FZheRyn3R4qc3y3nqfustbOC5JXMjwCctm62cwf8jREFcA7igzImAoOXrLceTEe6g8SP8Sj04lMU2Q43e5AzgJMq1m9gpll300RLTP1rWWuW2V8... 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fn.us.user.sweepwidget.com/api/sweepwidget.com/k5DFGo3jjZwQe6uYVAjsTSlyCI2UsNDWICPhJm4FZheRyn3R4qc3y3nqfustbOC5JXMjwCctm62cwf8jREFcA7igzImAoOXrLceTEe6g8SP8Sj04lMU2Q43e5AzgJMq1m9gpll300RLTP1rWWuW2V8P9t3iSKITo9d0sIiJYJiEYiG0Qy2Ua4y3JNhF04afXBLE9ptvKZsmx644SXupN0Kt3AceGFtODSw1mbkblBeOMDIOBWLYuQHuNuzDe6b56/learn/fetch
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2605:6c80:1:c::8969:8cfd Charlotte, United States, ASN397373 (H4Y-TECHNOLOGIES, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sweepwidget.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 28 May 2022 03:02:54 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
close
X-Robots-Tag
noindex
embed_v1.0.0.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.0.js
46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.0.js
Protocol
H2
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3afde0cb88e655c1c8a30024fab0e480c930cd9ef827e62e1660428de440047d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id
8b712b8
date
Sat, 28 May 2022 03:02:54 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
VYViNp3k7gy6atXIfS8WVg==
x-cache
TCP_MEM_HIT from a2-16-186-36.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41719314) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
14902
x-tos-request-id
a544470ee015ff7f-abe9612
x-tos-response-time
Thu, 17 Feb 2022 23:53:57 GMT
last-modified
Thu, 17 Feb 2022 23:02:31 GMT
server
nginx
etag
"558562369de4ee0cba6ad5c87d2f1656"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1099927
access-control-allow-credentials
false
x-tt-trace-host
019b5856eaae8c9bf1cc06dd14332878a3d1ec0b6d3196b6e8efdba81e91a96ca62c9d87fc807e830ce11c48039c39d34813fdd21860b6be82e274a07dd69111fe697883b7079e6f93caca3202306a90757d87b261d7f6a7f7ad46dff1a18ee46543dfe01a996f01da28848c561590e999
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

x-akamai-request-id
3aa4c74.4bb5a79
strict-transport-security
max-age=31536000
x-cache-remote
TCP_MISS from a23-36-38-49.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41719314) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-206-28.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41719314) (-)
x-parent-response-time
103,23.54.206.28
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=15
content-length
154
pragma
no-cache
server
nginx
date
Sat, 28 May 2022 03:02:54 GMT
content-type
text/html
location
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.0.js
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.36.38.49
x-tt-trace-host
0172886fe873796103a6b2b68949a7221f61f4a12091ea142f91c23c7ca8b125832cc17fbb52311d2028136b802818e6ada752f365d6a6640f5eeeac28cffbc0ee954ea991983cea2ebd046d2d6acfa1449448813d2e90e42981d78901d2439553
expires
Sat, 28 May 2022 03:02:54 GMT
c_l.php
sweepwidget.com/w/a/ 		476 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/w/a/c_l.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab62fd5c64163fb8799f98a244cea9f813ee205998cb9e07dc27691cb449b9a

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 28 May 2022 03:02:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://sweepwidget.com
access-control-allow-credentials
true
cf-ray
7123c1106eb79040-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pro-fa-solid-900-4c6f7b.woff2
ka-p.fontawesome.com/releases/v6.1.1/webfonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-4c6f7b.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e436b278745a23fa23d83dc3b6f03a65750c3d4dc14cb31743ffab79e994e24b

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:29:02 GMT
server
cloudflare
age
5729499
etag
"6e1b9146d279b56858226c1ae4751d00"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7123c111ce7b6946-FRA
content-length
24860
pro-fa-solid-900-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.1.1/webfonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-d5bbe9.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d915cf722fb8c04fdde1e23784350d1d8662cde6bb4d578b9bdaa1dd895b1bd

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:29:03 GMT
server
cloudflare
age
5729588
etag
"c28e87bc0d4b1a1734b57c297e30e102"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7123c111de886946-FRA
content-length
25296
pro-fa-brands-400-6b2783.woff2
ka-p.fontawesome.com/releases/v6.1.1/webfonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-brands-400-6b2783.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0363dc1084087ff1dcc0e509f800f454464067936dfde1e9b5ca7febd7067f

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:28:59 GMT
server
cloudflare
age
5729587
etag
"b17b11a7e9b6c7b35f18b46d2829072d"
x-cache-status
MISS
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7123c111de916946-FRA
content-length
18900
sharer.min.js
cdn.jsdelivr.net/npm/sharer.js@latest/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sharer.js@latest/sharer.min.js
Requested by
Host: sweepwidget.com
URL: https://sweepwidget.com/view/42012-jn81vbmp?utm_source=ATP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5171a78670b031914e623431a33a3d73c1ea9897e552ba73bc2c2da7c777b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14805
x-jsd-version
0.5.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA, cache-hhn4055-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1cf4-rU4XDuIRpC8036n5raFlH/qnNeg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS4f%2F4kqTCcW09a3rPcHwUcElIY9zJrXVT%2FVMCy2h0%2FMrMgM45BkMg6iDcD47GlDuzvn3sezr%2Bf1MV62KTx43WqHlXoypJe1H%2BXeukWFVgOEnIuxYY1vGDrKy2fmja7EzBxTgRuFtFoV6HXf614%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7123c1120c898fec-FRA
pro-fa-brands-400-2dfd01.woff2
ka-p.fontawesome.com/releases/v6.1.1/webfonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-brands-400-2dfd01.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79ce0bade10b6cbe4d43871d1c48336343f6719a74a0cb80f1644c920cdc970

Request headers

Referer
https://sweepwidget.com/
Origin
https://sweepwidget.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 15:28:59 GMT
server
cloudflare
age
5729499
etag
"ee8701172f03391f6a768ef139021e7b"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7123c111eea96946-FRA
content-length
43932
17thwkizq0.png.thumb_900_width.png
sweepwidget.fra1.digitaloceanspaces.com/contests_main/2ffnm2ij0561a53f0ba1128m5h1ihykk73/ 		239 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sweepwidget.fra1.digitaloceanspaces.com/contests_main/2ffnm2ij0561a53f0ba1128m5h1ihykk73/17thwkizq0.png.thumb_900_width.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
fra1.digitaloceanspaces.com
Software
/
Resource Hash
20e547f5c55428711ec6fdde5f401ba4c36285038bbbd6508745b3181866aa02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
last-modified
Thu, 30 Dec 2021 20:01:45 GMT
x-amz-request-id
tx000000000000078ffee5c-00629190df-472e5656-fra1b
etag
"1dc0b1c875d98c4aeff9ca219d75d8ae"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/png
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
244675
sw_gift_5_dark.png
sweepwidget.fra1.digitaloceanspaces.com/images/root/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sweepwidget.fra1.digitaloceanspaces.com/images/root/sw_gift_5_dark.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
fra1.digitaloceanspaces.com
Software
/
Resource Hash
3227739e66af8a6a25c700edb5851a573b2bea440effdafaf70d2d2cd1d1115b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 03:02:55 GMT
last-modified
Sat, 18 Dec 2021 03:52:13 GMT
x-amz-request-id
tx00000000000007913a18d-00629190df-474ee78e-fra1b
etag
"405226923fd77b7c0c5978b25c32f707"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/png
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
6893
embed_lib_v1.0.0.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.0.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id
8b712c1
date
Sat, 28 May 2022 03:02:55 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
zJ2Nyh55L+w+3gi0qlc5pw==
x-cache
TCP_MEM_HIT from a2-16-186-36.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41719314) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
1334
x-tos-request-id
215bbc0ee0ac721c-af54b1d
x-tos-response-time
Thu, 17 Feb 2022 23:56:28 GMT
last-modified
Thu, 17 Feb 2022 23:02:31 GMT
server
nginx
etag
"cc9d8dca1e792fec3ede08b4aa5739a7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=782135
access-control-allow-credentials
false
x-tt-trace-host
01401ce1d14342581293f3a7ae6231b7bc1cc3ca0a65d3c0441ec29e232712bd87cfab9a5ef1dd96cf2e08ab5ed44ccb92268200c62bb84e2f1c0a47d78c991d85b343371de6a118d0f754db4637100f040f59a1134eee2d3f1fc1f39b7cd2de4a1559ac8062f06bb38ff60d2af3710437c6374d3d85257493fd0f02b7cc2bdea4
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
embed_lib_v1.0.0.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.0.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
984afc335821b36c7949f6ec63602bf48634b527226a7eb5e3fb87e284b5dc22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sweepwidget.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id
8b712c2
date
Sat, 28 May 2022 03:02:55 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
X+Zs+H45nbj84uRKNQ1tvg==
x-cache
TCP_MEM_HIT from a2-16-186-36.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41719314) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
4538
x-tos-request-id
c3f8e50ee0ac1f79-af54b3b
x-tos-response-time
Thu, 17 Feb 2022 23:56:28 GMT
last-modified
Thu, 17 Feb 2022 23:02:31 GMT
server
nginx
etag
"5fe66cf87e399db8fce2e44a350d6dbe"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1025660
access-control-allow-credentials
false
x-tt-trace-host
0121996623d7f17747880752552f1d35ed9e14a5f4553713f0020f3da7ab93481502329db5a6650890ae6481b879bb0160a5d6ae7b85f6b160deb6e62f2bceacb311255e8c565dcfd52c416e2e8897f6e40dba0c39e6437a2d788dfc5b00e1e1a1cacc12a79b58702907f717d7b390cf15dfeeb095de265659a20d79c8e5722c11
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery string| website_url function| is_valid_email_address boolean| isMobile function| detect_os function| exit function| trim function| Captcha function| removeSpaces function| ValidCaptcha function| if_add_plural function| if_add_plural_entries function| current_age function| string_contains_substring function| entry_attachment_file_upload function| entry_viral_share_selection function| entry_email_integration_checkbox function| custom_radio_options_display_value function| entry_email_integration_selection function| allowed_worldwide_checkbox_click function| remove_image_change_thumbnail function| remove_background_image_change_thumbnail function| remove_custom_logo_change_thumbnail function| remove_user_email_logo_change_thumbnail function| remove_require_verify_email_logo_change_thumbnail function| readURL function| readURL_dynamic function| select_if_required_selection_matches function| if_empty_field function| entry_method_fetch_values function| switch_entry_method_int_to_text function| switch_entry_method_int_to_provider function| switch_entry_method_text_to_int function| entry_link_url_or_username function| form_builder_widget object| isoCountries function| if_user_country_code_is_in_array function| if_user_allowed_countries_is_in_array function| language_drop_down_list function| ApiController function| PopupWindow function| SW_bonus_coupons_message function| winners_amount_allowed function| plan_display function| plan_id_to_text_chargebee function| plan_entry_limit function| chargebee_plan_id_retreive function| repeatable_actions_limit_func function| competition_live_stats_update function| AuthService object| respond object| Placeholders object| FontAwesomeKitConfig object| authService object| apiController object| constants function| getScriptName function| loadScript function| getParentHost function| browserSupportsCors function| detect_browser function| capitalizeFirstLetter function| capitalizeFirstLetterEachWord function| rand_string function| extractHostname function| ga_gtag_page_view function| ga_gtag function| areCookiesEnabledScript function| reload_page function| getTimeRemaining function| countdown_timer function| copy_to_clipboard function| initializeClock function| custom_entry_method_key_up_enable function| birthday_month function| birthday_day function| birthday_year function| unlock_rewards_display_func function| earned_rewards_dropdown_func function| verify_email_display_func function| entry_methods_view_func function| get_facebook_user_info function| user_account_details function| my_entries_display_func function| enable_disable_submit_button function| entries_completed_message function| pinterest_fetch_pins_boards function| hybridauth_modal_login_user function| auto_login_user function| telegram_login_popup_window function| update_view_l1 function| button_click_event function| social_login_events_bindings function| delete_cookie function| user_logout_click function| show_spam_message function| update_leaderboard function| update_user_remaining_entries_display function| l1_custom_fields_highlight_errors function| l1_custom_fields_error_check_values function| l1_custom_fields_values function| build_widget_body function| build_entry_methods_hidden_l1_values function| write_entry_methods function| entry_method_insert_post_events function| login_defer_timer number| refresh_leaderboard_iteration function| refresh_leaderboard_func function| popUp string| website_host boolean| cookies_enabled number| cors_jsonp string| ajax_type object| ajax_xhrFields string| ajax_dataType boolean| ajax_jsonp string| ip_address string| competition_id function| startup_fp function| __parseFunction object| Telegram function| gtag object| dataLayer object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| CHARSET object| CHARSET_MAP object| Loader object| Learn object| Startup function| loader string| host_url string| host_name object| IPQ object| r object| pxi object| compressor object| device object| fingerprint number| char object| fullScreenProperties number| mathAcos number| mathAcosh number| mathAcoshPf number| mathAsin number| mathAsinh number| mathCosh number| mathCoshPf number| mathExpm1 number| mathExpm1Pf number| mathSinh number| mathSinhPf number| mathTane boolean| mathExpE string| sw_f string| widget_embedded string| is_shopify_store_admin string| tokenKey object| main_store function| tokenFetcher function| saveToken function| getToken undefined| sendRequest object| regeneratorRuntime object| core object| __core-js_shared__ object| tiktokEmbed function| Sharer

5 Cookies

Domain/Path Name / Value
sweepwidget.com/view Name: ipqsd
Value: 1524939314
.sweepwidget.com/ Name: _ga
Value: GA1.2.1386020359.1653706973
.sweepwidget.com/ Name: _gid
Value: GA1.2.610366938.1653706973
.sweepwidget.com/ Name: _gat_gtag_UA_84658411_1
Value: 1
.sweepwidget.com/ Name: fingerprint_1653706974468
Value: undefined-1653706974468

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fn.us.user.sweepwidget.com
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
lf16-tiktok-web.ttwstatic.com
stats.g.doubleclick.net
sweepwidget.com
sweepwidget.fra1.digitaloceanspaces.com
telegram.org
user.sweepwidget.com
www.google-analytics.com
www.googletagmanager.com
www.tiktok.com
192.158.224.59
193.108.153.28
2.16.186.40
2001:67c:4e8:1033:2:100:0:a
2605:6c80:1:c::8969:8cfd
2606:4700:10::ac43:2a2d
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:1634
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9d
2a03:2880:f01c:8012:face:b00c:0:3
5.101.109.44
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
041ac3fde06808cfaae62c19c87dd0df3497cfa51d33e41dce44432fa4102af5
0d915cf722fb8c04fdde1e23784350d1d8662cde6bb4d578b9bdaa1dd895b1bd
1d057371aaeef0639cc7efd1111bd04562c4d026c8fcc9c426dd678d393142fd
20e547f5c55428711ec6fdde5f401ba4c36285038bbbd6508745b3181866aa02
233892c1230257a59c75c85e3757af3ad91c610379ce6c8d878198cb158a9f63
2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048
3227739e66af8a6a25c700edb5851a573b2bea440effdafaf70d2d2cd1d1115b
3afde0cb88e655c1c8a30024fab0e480c930cd9ef827e62e1660428de440047d
3bedd6d3a9d00ce9c8cdaa23d9fa6b6d50327a3c32526dda0388af45dcf5aa5d
4fdb97da7ef29c59ad54088225a7f2b1c3d964000e12dc9980664aaad528cc3c
60c62e0e44a2b4a1116d28f8a69f20c108cc84b5c173060d134a6ec083e12240
66a4d1f3bbcfa4e08869f5312bacc46e3df02f5bc1ea5a4835ce10c9fb1c25e7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
772507aa1335e8548c4e64ca18f8fa21e91d3c9770e26169dc7c5cdade7ca862
8625c7422ba4ee21c7ef4cd43747fb00e7b35ee7d586fce55d656ddea3b4ff2c
8ab62fd5c64163fb8799f98a244cea9f813ee205998cb9e07dc27691cb449b9a
94ebf24e6b2b935e0885ad3454b4d85f1a460b96f38adbac75943008d94da563
984afc335821b36c7949f6ec63602bf48634b527226a7eb5e3fb87e284b5dc22
99415b685db1d26ce594232ca7ee232955ef160a4a9b93ac22ba301b96fe4caa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a68afdafc8d95b8649cf67813761ecc34ed33f0be583da38a8171a6ac0913185
a83f3e7c2acee6c1be9609cbb7d0dc70c9bf539f2653399547de62208bb559ae
aa0b2fc97874efa0e86d54dd6d4591edcb3f4772891aae657eebba23ba1c8715
aa77daaf9368ebfbbe3528b5f96ce732aaa05f28d2c886977cea559f71b64617
b38a5e927e151b3264f7482ad1882b5a55322d28e224b115318276cfd5819419
ba5171a78670b031914e623431a33a3d73c1ea9897e552ba73bc2c2da7c777b9
bdc60665bda45d6b16ee0497f57e1bb22fd7d84e2a8208572675ab83824dc368
c79ce0bade10b6cbe4d43871d1c48336343f6719a74a0cb80f1644c920cdc970
ca501998ad1429ffc8499730c97257dd03c9bfd28e023e1f8972ca1255ab5d5c
ce0363dc1084087ff1dcc0e509f800f454464067936dfde1e9b5ca7febd7067f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b248334a273a5eb89d626293a7f392f12730e7ed98f68cc5bb8d1e08e3e51e
e436b278745a23fa23d83dc3b6f03a65750c3d4dc14cb31743ffab79e994e24b
e46eaa80aa6e63f6fb38ba409fcd7b536195da87816a7b84e32302a892b618bc
ed8d13bd96178ed28ac52237bfa406922a238d1c5069d450c80992306b9fca89
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e